summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-11-08T6861: op-mode: ignore error code 255 if this UEFI doesn't support secure bootDate Huang
`mokutil --sb-state` will output "This system doesn't support Secure Boot" to stderr. and return error code 255 if the UEFI system doesn't support secure boot. Signed-off-by: Date Huang <tjjh89017@hotmail.com>
2024-11-08T6802: Fix QoS Policy Round-Robin with Default Configuration (#4177)Roman Khramshin
- Resolved unhandled exception occurring with default round-robin policy config. - Added default filter to ensure proper round-robin policy.
2024-11-08dhcp_server: T6031: DHCP Option Failures - windows-static-route (#4183)Nataliia S.
In "option-def" parameter "record-types" field is an array of uint8 in format "<netmask>, <network-byte1>, <network-byte2>, <network-byte3>, <router-byte1>, <router-byte2>, <router-byte3>" where <network-byte3> with the value 0 is omitted, so the minimal length of array is 7 (e.g. for routing 10.1.0.0/16 via 10.1.6.4 "record-types": "16,10,1,10,1,6,4")
2024-11-07syslog: T6858: bugfix remote syslog using TCPChristian Breunig
Commit 042be39cc ("syslog: T5367: add format option to include timezone in message") added an invalid, outer if-statement when rendering the rsyslog configuration option for TCP. Remote hosts only got added when the format option "octet-counting" was defined in addition to the TCP protocol. This has been fix and now TCP transport is decoupled from octet-counting mode.
2024-11-07smoketest: T6719: use read_file() over 'sudo cat FILENAME'Christian Breunig
2024-11-07Merge pull request #4151 from natali-rs1985/T6695Daniil Baturin
T6695: Machine-readable operational mode support for traceroute
2024-11-07T3501: Allow using more than one tuned profileNataliia Solomko
2024-11-06Merge pull request #4184 from natali-rs1985/T6852Christian Breunig
dhcp_server: T6852: Add op mode command "show dhcpv6 server statistics"
2024-11-05T6764: Fix unhandled exception on ethtool output parsing for Xen NICs (#4182)Viacheslav Hletenko
Not all NICs could provide ring-buffers info requested by ethtool in JSON format For example 'vif' Xen/XCP-NG interfaces Fix it
2024-11-05dhcp_server: T6852: Add op mode command "show dhcpv6 server statistics"Nataliia Solomko
2024-11-01Merge pull request #4171 from aslanvyos/patch-1Daniil Baturin
system_login: T6807: allow a trailing slash character in system login
2024-10-28Merge pull request #4172 from natali-rs1985/T6808-currentJohn Estabrook
op_mode: T6808: Console server op mode commands throw errors when console server is not configured
2024-10-28Merge pull request #4178 from vyos/T6712-motd-80-25-terminalJohn Estabrook
login: T6712: honor 80x25 terminal size for nonproduction banner message
2024-10-27login: T6712: honor 80x25 terminal size for nonproduction banner messageT6712-motd-80-25-terminalChristian Breunig
2024-10-25T6812: Fix smoketest iproute2 check (#4174)Viacheslav Hletenko
In the new iproute2 package the link to `ip` was changed $ file /usr/sbin/ip /usr/sbin/ip: symbolic link to ../bin/ip Fix smoketest
2024-10-24op_mode: T6808: Console server op mode commands throw errors when console ↵Nataliia Solomko
server is not configured
2024-10-24T6807: allow a trailing slash character in system loginAslan Hajiyev
Allow the use of a trailing slash `("/")` at the of the user's home directory path. For example `/home/test/`
2024-10-24Merge pull request #4155 from HollyGurza/T4583Christian Breunig
T4583: Rewrite VRRP op-mode to vyos.opmode format
2024-10-21Merge pull request #4167 from HollyGurza/T6791Daniil Baturin
T6791: Extend fair-queue hash-interval
2024-10-21T6791: Extend fair-queue hash-intervalkhramshinr
2024-10-21Merge branch 'current' into T6695Nataliia S.
2024-10-19T6784: enabled repo-sync wokrflow only for current and equuleus (#4163)Vijayakumar A
2024-10-19Merge pull request #4165 from natali-rs1985/T4914-currentChristian Breunig
pki: T4914: Rewrite the PKI op mode in the new style
2024-10-18pki: T4914: reformat file by linter rulesNataliia Solomko
2024-10-18pki: T4914: Rewrite the PKI op mode in the new styleNataliia Solomko
2024-10-17T4583: Rewrite VRRP op-mode to vyos.opmode formatkhramshinr
reformat file by linter rules
2024-10-17T4583: Rewrite VRRP op-mode to vyos.opmode formatkhramshinr
2024-10-17T973: add basic frr_exporter implementation (#4150)Robert Göhler
2024-10-11T6695: normalize formattingNataliia Solomko
2024-10-11T6695: Machine-readable operational mode support for tracerouteNataliia Solomko
2024-10-11T6712: Add nonproduction banner (#4149)mergify[bot]
(cherry picked from commit 3abe7c72c95c3d9b825db08b092c555786e9fbcf) Co-authored-by: Viacheslav Hletenko <v.gletenko@vyos.io>
2024-10-10Merge pull request #4146 from sarthurdev/pki_ecDaniil Baturin
pki: T6766: Add support for ECDSA private keys
2024-10-10Merge pull request #4147 from sarthurdev/haproxyDaniil Baturin
haproxy: T6745: Rename reverse-proxy to haproxy
2024-10-09haproxy: T6745: Add haproxy migration to config testsarthurdev
2024-10-09haproxy: T6745: Rename `reverse-proxy` to `haproxy`sarthurdev
2024-10-09pki: T6766: Add support for ECDSA private keyssarthurdev
2024-10-08Merge pull request #4128 from jestabro/commit-confirm-soft-rollbackJohn Estabrook
config-mgmt: T5976: add option for commit-confirm to use 'soft' rollback
2024-10-08config-mgmt: T5976: display message when reverting to previous configJohn Estabrook
2024-10-07Merge pull request #4138 from natali-rs1985/T4318-currentJohn Estabrook
vyos.configtree: T4318: Allow set tag flag to true or false
2024-10-07vyos.configtree: T4318: Allow set tag flag to true or falseNataliia Solomko
2024-10-07Merge pull request #4129 from c-po/accel-smoketestChristian Breunig
smoketest: T4576: add guard timeout for systemd in log level tests
2024-10-07config-mgmt: T5976: move commit-confirm revert action to subnodeJohn Estabrook
2024-10-07Merge pull request #4124 from dmbaturin/T6740-set-to-config-converterJohn Estabrook
cli: T6740: add a converter from set commands to config
2024-10-07cli: T6740: set_tag on created paths and add parse step for orderingJohn Estabrook
Signed-off-by: Daniil Baturin <daniil@baturin.org>
2024-10-07Merge pull request #3938 from talmakion/feature/T6430-local-pbrChristian Breunig
pbr: T6430: Local IP rules targeting VRFs by name as well as route table IDs
2024-10-07xml: T6430: add re-usable vrf CLI node for firewall and pbrChristian Breunig
2024-10-07pbr: T6430: Local IP rules routing into VRFs by nameAndrew Topp
* This is the `policy local-route*` part of T6430, manipulating ip rules, another PR covers firewall-backed `policy route*` for similar functionality * Local PBR (policy local-route*) can only target table IDs up to 200 and the previous PR to extend the range was rejected * PBR with this PR can now also target VRFs directly by name, working around targeting problems for VRF table IDs outside the overlapping 100-200 range * Validation ensures rules can't target both a table ID and a VRF name (internally they are handled the same) * Relocated TestPolicyRoute.verify_rules() into VyOSUnitTestSHIM.TestCase, extended to allow lookups in other address families (IPv6 in the new tests). verify_rules() is used by original pbr and new lpbr smoketests in this PR.
2024-10-07Merge pull request #4118 from c-po/acme-ca-certDaniil Baturin
pki: T6481: auto import ACME certificate chain into CLI
2024-10-07Merge pull request #4133 from c-po/parallel-smoketestsChristian Breunig
GitHub: T6494: add parallel step to run interface based smoketests
2024-10-06pki: T6481: auto import ACME certificate chain into CLIChristian Breunig
When using an ACME based certificate with VyOS we provide the necessary PEM files opaque in the background when using the internal tools. This however will not properly work with the CA chain portion, as the system is based on the "pki certificate <name> acme" CLI node of a certificate but CA chains reside under "pki ca". This adds support for importing the PEM data of a CA chain issued via ACME into the "pki ca AUTOCHAIN_<name> certificate" subsystem so it can be queried by other daemons. Importing the chain only happens, when the chain was not already added manually by the user. ACME certificate chains that are automatically added to the CLI are all prefixed using AUTOCHAIN_certname so they can be consumed by any daemon. This also adds a safeguard when the intermediate CA changes, the referenced name on the CLI stays consitent for any pending daemon updates.
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-22 19:14:13 +0000